mirror of https://github.com/gophish/gophish
Fix multiple XSS issues in User Management Page (#1547)
If the user name is embedding some JS code, it will be executed on the client side. Note: gophish/static/js/dist/app/users.min.js will need to be regenerated too.pull/1556/head
parent
f95e9554c7
commit
24fe998a3a
|
@ -19,7 +19,7 @@ const save = (id) => {
|
||||||
user.id = id
|
user.id = id
|
||||||
api.userId.put(user)
|
api.userId.put(user)
|
||||||
.success(function (data) {
|
.success(function (data) {
|
||||||
successFlash(`User ${user.username} updated successfully!`)
|
successFlash("User " + escapeHtml(user.username) + " updated successfully!")
|
||||||
load()
|
load()
|
||||||
dismiss()
|
dismiss()
|
||||||
$("#modal").modal('hide')
|
$("#modal").modal('hide')
|
||||||
|
@ -32,7 +32,7 @@ const save = (id) => {
|
||||||
// to /user
|
// to /user
|
||||||
api.users.post(user)
|
api.users.post(user)
|
||||||
.success(function (data) {
|
.success(function (data) {
|
||||||
successFlash(`User ${user.username} registered successfully!`)
|
successFlash("User " + escapeHtml(user.username) + " registered successfully!")
|
||||||
load()
|
load()
|
||||||
dismiss()
|
dismiss()
|
||||||
$("#modal").modal('hide')
|
$("#modal").modal('hide')
|
||||||
|
@ -79,7 +79,7 @@ const deleteUser = (id) => {
|
||||||
}
|
}
|
||||||
swal({
|
swal({
|
||||||
title: "Are you sure?",
|
title: "Are you sure?",
|
||||||
text: `This will delete the account for ${user.username} as well as all of the objects they have created.\n\nThis can't be undone!`,
|
text: "This will delete the account for " + escapeHtml(user.username) + " as well as all of the objects they have created.\n\nThis can't be undone!",
|
||||||
type: "warning",
|
type: "warning",
|
||||||
animation: false,
|
animation: false,
|
||||||
showCancelButton: true,
|
showCancelButton: true,
|
||||||
|
@ -101,7 +101,7 @@ const deleteUser = (id) => {
|
||||||
}).then(function () {
|
}).then(function () {
|
||||||
swal(
|
swal(
|
||||||
'User Deleted!',
|
'User Deleted!',
|
||||||
`The user account for ${user.username} and all associated objects have been deleted!`,
|
"The user account for " + escapeHtml(user.username) + " and all associated objects have been deleted!",
|
||||||
'success'
|
'success'
|
||||||
);
|
);
|
||||||
$('button:contains("OK")').on('click', function () {
|
$('button:contains("OK")').on('click', function () {
|
||||||
|
@ -175,4 +175,4 @@ $(document).ready(function () {
|
||||||
$("#userTable").on('click', '.delete_button', function (e) {
|
$("#userTable").on('click', '.delete_button', function (e) {
|
||||||
deleteUser($(this).attr('data-user-id'))
|
deleteUser($(this).attr('data-user-id'))
|
||||||
})
|
})
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in New Issue